FilesExpand file tree

 develop

/

code-quality.yml

Copy path

View Runs

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

69 lines (60 loc) · 2.42 KB

 develop

/

code-quality.yml

Top

File metadata and controls

• Code
• Blame

69 lines (60 loc) · 2.42 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

name: Code Quality

on:

push:

branches:

- 'master'

- 'develop'

- 'release/**'

pull_request:

types: [opened, synchronize, reopened]

jobs:

sonarcloud:

name: SonarCloud

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # https://github.com/actions/checkout/releases/tag/v6.0.2

with:

fetch-depth: 0

- name: SonarCloud Scan

uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v7.0.0

env:

SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

- name: SonarQube Quality Gate check

uses: SonarSource/sonarqube-quality-gate-action@cf038b0e0cdecfa9e56c198bbb7d21d751d62c3b # https://github.com/SonarSource/sonarqube-quality-gate-action/releases/tag/v1.2.0

# Force to fail step after specific time

timeout-minutes: 1

env:

SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

codeql:

name: CodeQL

runs-on: 'ubuntu-latest'

timeout-minutes: 60

permissions:

security-events: write

packages: read

actions: read

contents: read

strategy:

fail-fast: false

matrix:

language: [javascript-typescript]

steps:

- name: Checkout repository

uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # https://github.com/actions/checkout/releases/tag/v6.0.2

- name: Initialize CodeQL

uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # https://github.com/github/codeql-action/releases/tag/v4.32.4

with:

languages: ${{ matrix.language }}

config-file: .github/codeql/codeql-config.yml

- name: Perform CodeQL Analysis

uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # https://github.com/github/codeql-action/releases/tag/v4.32.4

with:

category: "/language:${{matrix.language}}"

fossa-scan:

name: FOSSA Scan

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # https://github.com/actions/checkout/releases/tag/v6.0.2

- uses: fossas/fossa-action@c414b9ad82eaad041e47a7cf62a4f02411f427a0 # https://github.com/fossas/fossa-action/releases/tag/v1.8.0

with:

api-key: ${{secrets.FOSSA_API_KEY}}